extension_content_verification, if set to enforce, wrongly disables HTTPS Everywhere

[gorhill]

There is a new flag in Chromium 38 (dev), "Extension Content Verification", which if set to be enforced, trying to bring the popup by clicking on the HTTP-E page action icon will cause the HTTP-E to be disabled and marked as "maybe have been corrupted by malware".

This was reported by a user of my own extension, and he mentioned that HTTP-E suffered the same problem: gorhill/httpswitchboard#390

The user filed an issue with Chromium devs:
https://code.google.com/p/chromium/issues/detail?id=398557

But there was a prior issue filed about this by another user, https://code.google.com/p/chromium/issues/detail?id=389879, and no feedback so far as to what causes the problem.

Maybe EFF will have better luck with regard to feedback.

[gorhill]

Problem is different with HTTP-Everywhere. I am trying to figure why this happens with HTTPS-E, and so far found nothing. Except that I noticed that there is a missing JS file: jquery.min.js. It's being loaded by popup.html, but the file isn't there.

Edit: jquery is used nowhere in the project as far as I can see, so this line:

<script src="jquery.min.js"></script>

Should be removed from popup.html.

[semenko]

Ah, cool, there's my bug!

Looks like it's getting resolved on Chrome's side now -- we should probably remove that jquery dependency anyway if it's 404ed. I'll take a look.

[gorhill]

It's removed already with pull request #415.

[semenko]

Whoops -- missed that was already merged. Thanks @gorhill!